Debian/nss — 131 CVEs · VulnScope

pkg:Debian/nss

131 total CVEsCRITICAL17HIGH34MEDIUM34LOW4

✅ Check your installed version

All known vulnerabilities

CRITICAL9.8CVE-2026-2781nss - security update
from 0, < 2:3.61-1+deb11u5
CRITICAL9.8CVE-2026-2781nss - security update
from 0, < 2:3.61-1+deb11u5
CRITICAL9.8CVE-2026-2781nss - security update
from 0, < 2:3.87.1-1+deb12u2
CRITICAL9.8A mismatch between allocator and deallocator could have led to memory corruption.
from 0, < 2:3.61-1+deb11u4
CRITICAL9.8pound - security update
from 0, < 3.12.6-1
CRITICAL9.8pound - security update
from 0, < 3.12.3.1-0lenny3
CRITICAL9.8nss - security update
from 0, < 2:3.42.1-1+deb10u4
CRITICAL9.8nss - security update
from 0, < 2:3.26.2-1.1+deb9u3
CRITICAL9.8nss - security update
from 0, < 2:3.61-1+deb11u1
CRITICAL9.8nss - security update
from 0, < 2:3.42.1-1+deb10u3
CRITICAL9.8nss - security update
from 0, < 2:3.26-1+debu8u10
CRITICAL9.8nss - security update
from 0, < 2:3.47-1
CRITICAL9.8nss - security update
from 0, < 2:3.26-1+debu8u2
CRITICAL9.8nss - security update
from 0, < 2:3.26-1+debu7u3
CRITICAL9.8nss - security update
from 0, < 2:3.26.2-1.1
CRITICAL9.8Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as use…
from 0, < 2:3.20.1-1
CRITICAL9.1A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55.
from 0, < 2:3.55-1
HIGH8.8When almost out-of-memory an elliptic curve key which was never allocated could have been freed again.
from 0, < 2:3.61-1+deb11u4
HIGH8.8nss - security update
from 0, < 2:3.61-1+deb11u3
HIGH8.8nss - security update
from 0, < 2:3.61-1+deb11u3
HIGH8.8nss - security update
from 0, < 2:3.42.1-1+deb10u2
HIGH8.8nss - security update
from 0, < 2:3.47.1-1
HIGH8.8nss - security update
from 0, < 2:3.26-1+debu8u7
HIGH8.8nss - security update
from 0, < 2:3.14.5-1+deb7u8
HIGH8.8nss - security update
from 0, < 2:3.23-1
HIGH8.8icedove - security update
from 0, < 2:3.21-1
HIGH8.8icedove - security update
from 0, < 2:3.23-1
HIGH7.8Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dep…
from 0
HIGH7.8The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of s…
from 0
HIGH7.8Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-depe…
from 0
HIGH7.8Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-depen…
from 0
HIGH7.5Incorrect boundary conditions in the Libraries component in NSS.
from 0
HIGH7.5Incorrect boundary conditions in the Libraries component in NSS.
from 0
HIGH7.5nss - security update
from 0, < 2:3.87.1-1+deb12u1
HIGH7.5nss - security update
from 0, < 2:3.61-1+deb11u4
HIGH7.5nss - security update
from 0, < 2:3.61-1+deb11u4
HIGH7.5A vulnerability found in nss.
from 0, < 2:3.87-1
HIGH7.5nss - security update
from 0, < 2:3.45-1
HIGH7.5nss - security update
from 0, < 2:3.26-1+debu8u8
HIGH7.5nss - security update
from 0, < 2:3.58-1
HIGH7.5nss - security update
from 0, < 2:3.42.1-1+deb10u7
HIGH7.5A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / s…
from 0, < 2:3.25-1
HIGH7.5Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into me…
from 0, < 2:3.45-1
HIGH7.5nss - security update
from 0, < 2:3.26-1+debu8u5
HIGH7.5nss - security update
from 0, < 2:3.45-1
HIGH7.5nss - security update
from 0, < 2:3.26-1+debu7u5
HIGH7.5nss - security update
from 0, < 2:3.33-1
HIGH7.5nss - security update
from 0, < 2:3.26-1+debu8u3
HIGH7.5nss - security update
from 0, < 2:3.26.2-1.1
HIGH7.5nss - security update
from 0, < 2:3.26-1+debu7u4
HIGH7.3Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as us…
from 0, < 2:3.21-1
MEDIUM6.5Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridg…
from 0
MEDIUM6.5thunderbird - security update
from 0
MEDIUM6.5thunderbird - security update
from 0, < 2:3.42.1-1+deb10u8
MEDIUM6.5The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks.
from 0, < 2:3.61-1
MEDIUM6.5nss - security update
from 0, < 2:3.61-1+deb11u2
MEDIUM6.5nss - security update
from 0, < 2:3.26.2-1.1+deb9u5
MEDIUM6.5nss - security update
from 0, < 2:3.42.1-1+deb10u5
MEDIUM6.5In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resu…
from 0, < 2:3.42.1-1
MEDIUM6.5After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition i…
from 0, < 2:3.49-1
MEDIUM6.5nss - security update
from 0, < 2:3.21-1
MEDIUM6.5nss - security update
from 0, < 3.12.8-1+squeeze14
MEDIUM5.9The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification.
from 0, < 2:3.17-1
MEDIUM5.9nss - security update
from 0, < 2:3.26.2-1.1+deb9u2
MEDIUM5.9nss - security update
from 0, < 2:3.26-1+debu8u4
MEDIUM5.9nss - security update
from 0, < 2:3.41-1
MEDIUM5.9When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead.
from 0, < 2:3.39-1
MEDIUM5.9It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack.
from 0, < 2:3.25-1
MEDIUM5.9nss before version 3.30 is vulnerable to a remote denial of service during the session handshake when using SessionTicket extension and ECD…
from 0, < 2:3.25-1
MEDIUM5.9nss - security update
from 0, < 2:3.26.2-1
MEDIUM5.9nss - security update
from 0, < 2:3.26-1+debu7u2
MEDIUM5.9The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify m…
from 0, < 3.13
MEDIUM5.9icedove - security update
from 0, < 2:3.21-1
MEDIUM5.9Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do n…
from 0, < 3.12.3-1
MEDIUM5.3Other issue in the Libraries component in NSS.
from 0
MEDIUM5.3When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about th…
from 0, < 2:3.55-1
MEDIUM5.3A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures whe…
from 0, < 2:3.45-1
MEDIUM5.3A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bit…
from 0, < 2:3.26.2-1.1
MEDIUM4.7During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulti…
from 0, < 2:3.55-1
MEDIUM4.7nss - security update
from 0, < 2:3.42.1-1+deb10u6
MEDIUM4.7nss - security update
from 0, < 2:3.55-1
MEDIUM4.4During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly…
from 0, < 2:3.53.1-1
MEDIUM4.4firefox-esr - security update
from 0, < 2:3.26-1+debu8u11
MEDIUM4.4firefox-esr - security update
from 0, < 2:3.53-1
MEDIUM4.3Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva".
from 0
LOW3.7nss - security update
from 0, < 2:3.14.5-1+deb7u7
LOW3.7nss - security update
from 0, < 2:3.19.1-1
LOW3.7nss - security update
from 0, < 2:3.26-1+debu8u1
LOW3.4lighttpd - security update
from 0, < 2:3.17.1-1
—nss - security update
from 0, < 2:3.20.1-1
—nss - security update
from 0, < 3.12.8-1+squeeze13
—nss - security update
from 0, < 2:3.14.5-1+deb7u6
—Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before…
from 0, < 2:3.19.1-1
—nss - security update
from 0, < 3.12.8-1+squeeze12
—nss - security update
from 0, < 2:3.14.5-1+deb7u5
—nss - security update
from 0, < 2:3.19.1-1
—nss - security update
from 0, < 2:3.17.2-1.1
—nss - security update
from 0, < 2:3.14.5-1+deb7u4
—icedove - security update
from 0, < 3.12.8-1+squeeze9
—icedove - security update
from 0, < 2:3.17.1-1